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DETAILED ACTION 

This Office Action is in response to the application 10/752385 filed on 02/04/2010. 
Claims 3-5, 7, 9, 11, and 16-30 have been cancelled. 

Claims 1 and 8 have been amended. 

Claims 1, 2, 6, 8, 10, and 12-15 have been examined and are pending. 

Response to Arguments 

Applicant's arguments, sec page 6, filed 02/04/2010, with respect to the 35 U.S.C. § 1 12, 
1 st rejection of claims 1-2, 6, and 16-21 have been fully considered. The 35 U.S.C. §1 12, 1 st 
rejection of claims 1-2, 6, and 16-21 has been withdrawn due to amendment. 

Applicant's arguments, see page 7, filed 02/04/2010, with respect to the 35 U.S.C. § 1 12, 
2 nd rejection of claim 25 have been fully considered. The 35 U.S.C. § 1 12, 2 nd rejection of claim 
25 has been withdrawn due to cancellation of the claim. 

Applicant's arguments, see page 7, filed 02/04/2010, with respect to the 35 U.S.C. § 101 
rejection of claims 16-21 have been fully considered. The 35 U.S.C. § 101 rejection of claims 
16-20 has been withdrawn due to cancellation of claims 16-21. 

Applicant's arguments, see page 7, filed 02/04/2010, with respect to the 35 U.S.C. § 101 
rejection of claims 1-2, 6, 8, 10, and 12-15 have been fully considered but they are not 
persuasive. The 35 U.S.C. § 101 rejection of claims 1-2, 6, 8, 10, and 12-15 has been withdrawn 
due to amendment. 
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Applicant's arguments filed 02/04/2010 have been fully considered but they are not 
persuasive. 

The Applicant argues the following: 

(A) The propose combination does not show or suggest replacing insecure with security 
warnings within the content is vended to client. 

The Examiner respectfully disagrees for the following reasons: 
Per (A): 

The combination of Subramanian, Barton and Bazot teaches all limitations of claims 1-2, 
6, 8, and 13 including "replacing insecure with security warnings within the content is vended to 
client" as the following: 

Subramaniam positively teaches a method to manage secure communications 
implemented in a computer-readable medium and to execute on a proxy server, the method, 
comprising: 

establishing, by the proxy server, a secure session on a secure site with an external client 
that communicates from an insecure site [Subramaniam : Col. 1, line 25 to Col. 2, line 5; Col. 3 
lines 35-50; Col. 3, line 66 to Col. 4 line 1 7J; detecting, by the proxy server, access attempts 
during the secure session directed to insecure transactions, the insecure transactions identified as 
links to a site [Subramaniam : Col. 1, line 25 to Col. 2, line 25; Col. 6, lines 40-60; By checking 
the IP address which the request was made, the target server 104 determines that the request 
came from outside the security parameter 102. The target server 104 check user permission 
against access control list associated with the data ";Jig. 1, Border server 106 includes URL 
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transformer 108 and cache(s) 110; fig. 3; Border server 106; Col. 9, lines 32-43; "The possibly 
repeated acts within the transmitting step 128 involve sending one or more Web pages, files, or 
other pieces of non-secure data 130 from the target server 104 to the border server 106. The 
data 130 is non-secure in that it includes hypertext links, URLs, or other references which, if 
presented by the external client 112 to the secure network 100, ....which contain URLs specifying 
"http://" rather than "https://" in reference to data stored on the target server 104 are examples 
of non-secure data 130"; Col. 10, lines 10-19]; transparently managing, by the proxy server, the 
access attempts by pre-acquiring content from the external site by accessing the links on behalf 
of the external client to pre-acquire the content and by scanning and inspecting the content 
within the secure site before determining whether the content should be made available to the 
external client during the secure session [Subramaniam : Col. 1, line 25 to Col. 2, line 25 Col. 6, 
lines 40-60; The target server 104 check user permission against access control list associated 
with the data, or take other steps to make sure the requesting user is entitled to access the 
request data before providing data "; fig. 1, Border server 106 includes URL transformer 108 
and cache(s) 110; fig. 3; Border server 106; Col. 9, lines 32-43; "The possibly repeated acts 
within the transmitting step 128 involve sending one or more Web pages, files, or other pieces of 
non-secure data 130 from the target server 104 to the border server 106. The data 130 is non- 
secure in that it includes hypertext links, URLs, or other references which, if presented by the 
external client 112 to the secure network 100, ....which contain URLs specifying "http://" rather 
than "https://" in reference to data stored on the target server 104 are examples of non-secure 
data 130"; Col. 10, lines 10-19; Col. 5; lines 25-27; "The secure network 100 includes one or 
more file or object or Web servers such as target server 104"; figs. 1, 3; The target server 104 
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is in the secure network 100; Col. 10, lines 59-66; "The target server 104 can then transform 
any non-secure data 130 to the border server 106 for subsequent transmission to the external 
client 112. "], 

Barton positively discloses at least one access attempt associated with at least one piece 
of the content that is scanned identifies a true insecure reference by determining that the true 
insecure reference is a particular reference that has been determined by the method to have had 
the piece of the content or metadata of the true insecure reference tampered with [Barton: par. 
[0012]; scanning code operable to scan said data at said proxy computer for illegal content (i.e. 
a true insecure reference); See also par. [0014], [0018]; par. [0033]; if illegal content is found 
(i.e. a true insecure reference has been tampered), then this trigger an appropriate action such 
as sending of a warning webpage (i.e. custom warning) to a client ... The secure connection 
would also be terminated; fig. 4, par. [0039]] and an event associated with removing the true 
insecure reference is reported as a custom warning inserted into the content supplied to the 
external client [Barton: par. [0012]; scanning code operable to scan said data at said proxy 
computer for illegal content (i.e. a true insecure reference); See also par. [0014], [0018]; par. 
[0033]; if illegal content is found (i.e. a true insecure reference has been tampered), then this 
trigger an appropriate action such as sending of a warning webpage (i.e. custom warning) to a 
client ...The secure connection would also be terminated; fig. 4, par. [0039]]. 

Bazot positively discloses the true insecure reference is entirely removed from the 
content before the content is supplied to the external client [Bazot: abstract; fig. 2; par. [0008]; 
when returning an HTTP object o a client, the server also sends a cookie that the client will 
store. Included in such a cookie is domain information indicating in which domain the cookie is 
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valid. Any future HTTP request made by the client which fall in that range will include a 
transmittal of the current value of the cookie ... the cookie contain sensitive information that 
could be potentially used for hacking purpose; par. [0010]; transmitting a response to a user after 
cookie(s) has (have) been removed from the response; See also par. [0019-0020]]. 

Information Disclosure Statement 

The information disclosure statement (IDS) Form PTO-1449, filed on 02/04/2010 is in 
compliance with the provisions of 37 CFR 1 .97. Accordingly, the information disclosure 
statement is being considered by the examiner. 

Claim Rejections - 35 USC § 112 
The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the 
subject matter which the applicant regards as his invention. 

Claim 8 is rejected under 35 U.S.C. 112, second paragraph, as being indefinite for failing to 
particularly point out and distinctly claim the subject matter which applicant regards as the 
invention. 

Claim 8 recites the limitation "the proxy" in line 1 1 . There is insufficient antecedent 
basis for this limitation in the claim. 
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Claim Rejections - 35 USC §103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all obviousness 
rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

Claims 1-2, 6, 8, and 13 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Subramaniam et al. (US Patent: 6,081,900) in view of Barton et al. (US 2003/0131259 Al) 
further in view of Bazot et al. (US 2004/0073629 Al). 

As per claim 1; 

Subramaniam teaches a method to manage secure communications implemented in a computer- 
readable medium and to execute on a proxy server, the method, comprising: 

(a) establishing, by the proxy server, a secure session on a secure site with an external 
client that communicates from an insecure site [Subramaniam : Col. 1, line 25 to Col. 2, line 
25; Col. 3 lines 35-50; Col. 3, line 66 to Col. 4 line 17]; 

(b) detecting, by the proxy server, access attempts during the secure session directed to 
insecure transactions, the insecure transactions identified as links to a site [Subramaniam : Col. 
1, line 25 to Col. 2, line 25; Col. 6, lines 40-60; By checking the IP address which the request 
was made, the target server 104 determines that the request came from outside the security 
parameter 102. The target server 104 check user permission against access control list 



Application/Control Number: 1 0/752,385 Page 8 

Art Unit: 2439 

associated with the data"; fig. 1, Border server 106 includes URL transformer 108 and 
cache(s) 110; fig. 3; Border server 106; Col. 9, lines 32-43; "The possibly repeated acts 
within the transmitting step 128 involve sending one or more Web pages, files, or other 
pieces of non-secure data 130 from the target server 104 to the border server 106. The data 
130 is non-secure in that it includes hypertext links, URLs, or other references which, if 
presented by the external client 112 to the secure network 100, ....which contain URLs 
specifying "http://" rather than "https://" in reference to data stored on the target server 
104 are examples of non-secure data 130"; Col. 10, lines 10-19] [[(external site) to, not 
controlled by, and not recognized by the secure site, and the access attempts are directed to the 
insecure transactions having references to resources of the external site]]. 

(c) transparently managing, by the proxy server, the access attempts by pre-acquiring 
content from the external site by accessing the links on behalf of the external client to pre- 
acquire the content and by scanning and inspecting the content within the secure site before 
determining whether the content should be made available to the external client during the secure 
session [Subramaniam : Col. 1, line 25 to Col. 2, line 25 Col. 6, lines 40-60; The target 
server 104 check user permission against access control list associated with the data, or 
take other steps to make sure the requesting user is entitled to access the request data 
before providing data"; fig. 1, Border server 106 includes URL transformer 108 and 
cache(s) 110; fig. 3; Border server 106; Col. 9, lines 32-43; "The possibly repeated acts 
within the transmitting step 128 involve sending one or more Web pages, files, or other 
pieces of non-secure data 130 from the target server 104 to the border server 106. The data 
130 is non-secure in that it includes hypertext links, URLs, or other references which, if 
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presented by the external client 112 to the secure network 100, ....which contain URLs 
specifying "http://" rather than "https://" in reference to data stored on the target server 
104 are examples of non-secure data 130"; Col. 10, lines 10-19; Col. 5; lines 25-27; "The 
secure network 100 includes one or more file or object or Web servers such as target server 
104"; figs. 1, 3; The target server 104 is in the secure network 100; Col. 10, lines 59-66; 
"The target server 104 can then transform any non-secure data 130 to the border server 
106 for subsequent transmission to the external client 112."], ff and at least one access 
attempt associated with at least one piece of the content that is scanned identifies a true insecure 
reference by determining that the true insecure reference is a particular reference that has been 
determined by the method to have had the piece of the content or metadata of the true insecure 
reference tampered with, and the true insecure reference is entirely removed from the content 
before the content is supplied to the external client and an event associated with removing the 
true insecure reference is reported as a custom warning inserted into the content supplied to the 
external client. J J 

Subramaniam does not explicit disclose wherein the border server is external from the 
secure site, at least one access attempt associated with at least one piece of the content that is 
scanned identifies a true insecure reference by determining that the true insecure reference is a 
particular reference that has been determined by the method to have had the piece of the content 
or metadata of the true insecure reference tampered with, and the true insecure reference is 
entirely removed from the content before the content is supplied to the external client and an 
event associated with removing the true insecure reference is reported as a custom warning 
inserted into the content supplied to the external client. 
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It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to move the border server to an site external from the secure location, since it has 
been held that it requires routine skill in the art to rearrange the location of the border server 
because it would not have modified the operation of the device [See MPEP 2144.04; see also 
In reJapikse, 181 F.2d 1019, 86 USPQ 70 (CCPA 1950)]. 

Barton discloses transferring data via a secure network connection, wherein at least one 
access attempt associated with at least one piece of the content that is scanned identifies a true 
insecure reference by determining that the true insecure reference is a particular reference that 
has been determined by the method to have had the piece of the content or metadata of the true 
insecure reference tampered with [Barton: par. [0012]; scanning code operable to scan said 
data at said proxy computer for illegal content (Le. a true insecure reference)', See also par. 
[0014], [0018]; par. [0033]; if illegal content is found (i.e. a true insecure reference has been 
tampered), then this trigger an appropriate action such as sending of a warning webpage 
(i.e. custom warning) to a client ...The secure connection would also be terminated; fig. 4, 
par. [0039]], [[the true insecure reference is entirely removed from the content before the 
content is supplied to the external client]], and an event associated with removing the true 
insecure reference is reported as a custom warning inserted into the content supplied to the 
external client [Barton: par. [0012]; scanning code operable to scan said data at said proxy 
computer for illegal content (i.e. a true insecure reference); See also par. [0014], [0018]; par. 
[0033]; if illegal content is found (i.e. a true insecure reference has been tampered), then this 
trigger an appropriate action such as sending of a warning webpage (i.e. custom warning) 
to a client ...The secure connection would also be terminated; fig. 4, par. [0039]. 
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Therefore, it would have been obvious to one person of ordinary skill in the art at the 
time the invention was made to combine the method of Barton with the teaching of 
Subramaniam, wherein at least one access attempt associated with at least one piece of the 
content that is scanned identifies a true insecure reference by determining that the true insecure 
reference is a particular reference that has been determined by the method to have had the piece 
of the content or metadata of the true insecure reference tampered with and an event associated 
with removing the true insecure reference is reported as a custom warning inserted into the 
content supplied to the external client to ensure that a transferring data does not contain any 
illegal content by scanning for illegal content before data is delivered to a client [Barton: par. 
[0014]]. 

Subramaniam and Barton do not explicitly disclose wherein the true insecure reference is 
entirely removed from the content before the content is supplied to the external client. 

However, Bazot discloses method of accessing Internet resources through a proxy with 
improved security, wherein the true insecure reference is entirely removed from the content 
before the content is supplied to the external client [Bazot: abstract; fig. 2; par. [0008]; when 
returning an HTTP object o a client, the server also sends a cookie that the client will store. 
Included in such a cookie is domain information indicating in which domain the cookie is 
valid. Any future HTTP request made by the client which fall in that range will include a 
transmittal of the current value of the cookie ... the cookie contain sensitive information 
that could be potentially used for hacking purpose; par. [0010]; transmitting a response to a 
user after cookie(s) has (have) been removed from the response; See also par. [0019-0020]]. 
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Therefore, it would have been obvious to one person of ordinary skill in the art at the 
time the invention was made to combine the method of Bazot with the teaching of Subramaniam 
and Barton, wherein the true insecure reference is entirely removed from the content before the 
content is supplied to the external client to provide users with a means for accessing Internet 
resource through a proxy with improved security by preventing cookies from being downloaded 
and potentially analyzed by a user or a hacker taking a place of the user [Bazot: par. [0002], 
[0009]]. 



As per claim 2: 

The combination of Subramaniam, Barton, and Bazot teach the subject matter as described 
above. 

Subramaniam further teaches the method of claim 1 wherein the detecting further 
includes translating any non-secure links into secure links for some of the insecure transactions 
before presenting results of the access attempts to the external client [Subramaniam: Col. 3, 
lines 66-67; Col. 4, lines 1-8; Transforming non-secure URLs (i.e. HTTP) into secure URLs 
(i.e. HTTPs)]. 



As per claim 6: 

The combination of Subramaniam, Barton, and Bazot teach the subject matter as described 
above. 

Subramaniam further teaches the method of claim 1 wherein managing includes at least 
one or more of: 
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issuing alerts [Subramaniam: Col. 11, lines 61-67], notifications [Subramaniam: Col. 

8, lines 40-57], or advisories to a monitoring entity or log. 

As per claim 8: 

Subramaniam teaches a method to manage secure communications implemented in a computer- 
readable medium and to execute on a proxy server, the method, comprising: 

(a) detecting, by the proxy server, insecure transactions occurring during a secure session 
the insecure transactions result from actions requested by an external client participating in the 
secure session [Subramaniam : Col. 1, line 25 to Col. 2, line 25; Col. 6, lines 40-60; By 
checking the IP address which the request was made, the target server 104 determines that 
the request came from outside the security parameter 102]; 

(b) inspecting, by the proxy server, the insecure transactions in advance of satisfying the 
actions requested by pre-acquiring content associated with the insecure transactions before 
making available to the external client, and the insecure transactions are associated with links to 
an external site [[located outside a secure site associated with the secure session]], and content 
are pre-acquired from the external site via the links and inspected and scanned on behalf of the 
external client within the proxy [Subramaniam : Col. 1, line 25 to Col. 2, line 25; Col. 6, lines 
46-60; A target server check user permissions against access control lists; fig. 1, Border 
server 106 includes URL transformer 108 and cache(s) 110; fig. 3; Border server 106; Col. 

9, lines 32-43; "The possibly repeated acts within the transmitting step 128 involve sending 
one or more Web pages, files, or other pieces of non-secure data 130 from the target server 
104 to the border server 106. The data 130 is non-secure in that it includes hypertext links, 
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URLs, or other references which, if presented by the external client 112 to the secure 
network 100, ....which contain URLs specifying "http://" rather than "https://" in 
reference to data stored on the target server 104 are examples of non-secure data 130"; 
Col. 10, lines 10-19; Col. 5, lines 42-49; proxy servers]; 

(c) and making, by the proxy server, a determination based on the inspection for taking 
processing actions including one or more of the following: 

(d) permitting, by the proxy server, some of the insecure transactions to proceed in a 
modified fashion [Subramaniam : Col. 3, lines 66-67; Col. 4, lines 1-8; Transforming non- 
secure URLs (i.e. HTTP) into secure URLs (i.e. HTTPs)] ff denying some of the insecure 
transactions by denying the actions requested, and some of the insecure transactions that are 
denied are identified as references that have a World-Wide Web (WWW) cookie associated with 
their headers, and these references are entirely removed from the content before the content is 
supplied to the external client and the references entirely removed are reported as custom 
warning messages inserted into content supplied to the external client]]. 

Subramaniam does not explicitly disclose wherein the border server is external from 
secure site, denying some of the insecure transactions by denying the actions requested, and 
some of the insecure transactions that are denied are identified as references that have a World- 
Wide Web (WWW) cookie associated with their headers, and these references are entirely 
removed from the content before the content is supplied to the external client and the references 
entirely removed are reported as custom warning messages inserted into content supplied to the 
external client. 
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It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to move the border server to an site external from the secure location, since it has 
been held that it requires routine skill in the art to rearrange the location of the border server 
because it would not have modified the operation of the device [See MPEP 2144.04; see also 
In reJapikse, 181 F.2d 1019, 86 USPQ 70 (CCPA 1950)]. 

Barton discloses transferring data via a secure network connection, wherein denying 
some of the insecure transactions by denying the actions requested, and some of the insecure 
transactions that are denied are identified as references [Barton: par. [0012]; scanning code 
operable to scan said data at said proxy computer for illegal content; See also par. [0014], 
[0018]; par. [0033]; if illegal content is found, the this trigger an appropriate action such as 
sending of a warning webpage (i.e. custom warning) to a client ...The secure connection 
would also be terminated; fig. 4, par. [0039]] [[that have a World-Wide Web (WWW) cookie 
associated with their headers, and these references are entirely removed from the content before 
the content is supplied to the external client]] and the references entirely removed are reported as 
custom warning messages inserted into content supplied to the external client [Barton: par. 
[0012]; scanning code operable to scan said data at said proxy computer for illegal content; 
See also par. [0014], [0018]; par. [0033]; if illegal content is found, the this trigger an 
appropriate action such as sending of a warning webpage (i.e. custom warning) to a client 
...The secure connection would also be terminated; fig. 4, par. [0039]] 

Therefore, it would have been obvious to one person of ordinary skill in the art at the 
time the invention was made to combine the method of Barton with the teaching of 
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Subramaniam to ensure that a transferring data does not contain any illegal content by scanning 
for illegal content before data is delivered to a client [Barton: par. [0014]]. 

Subramaniam and Barton do not explicitly disclose wherein World-Wide Web (WWW) 
cookie associated with their headers, and these references are entirely removed from the content 
before the content is supplied to the external client and the references entirely removed are 
reported as custom warning messages inserted into content supplied to the external client. 

However, Bazot discloses method of accessing Internet resources through a proxy with 
improved security, wherein World-Wide Web (WWW) cookie associated with their headers 
[Bazot: abstract; cookie containing information about the user's session; par. [0008]; when 
returning an HTTP object to a client, the server also sends a cookie that the client will 
store. Included in such a cookie is domain information indicating in which domain the 
cookie is valid. Any future HTTP request made by the client which fall in that range will 
include a transmittal of the current value of the cookie], and wherein these references are 
entirely removed from the content before the content is supplied to the external client [Bazot: 
abstract; fig. 2; par. [0010]; transmitting a response to a user after cookie(s) has (have) been 
removed from the response; See also par. [0019-0020]]. 

Therefore, it would have been obvious to one person of ordinary skill in the art at the 
time the invention was made to combine the method of Bazot with the teaching of Subramaniam 
and Barton, wherein the true insecure reference is entirely removed from the content before the 
content is supplied to the external client to provide users with a means for accessing Internet 
resource through a proxy with improved security by preventing cookies from being downloaded 
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and potentially analyzed by a user or a hacker taking a place of the user [Bazot: par. [0002], 
[0009]]. 

As per claim 13: 

Subramaniam further discloses the method of claim 8 wherein the making a 
determination further includes permitting some of the insecure transactions to proceed in a 
modified fashion by transparently processing the external client access attempt within the proxy 
server making the external client access attempt appear to be part of the secure session 
[Subramaniam: Col. 3, lines 66-67; Col. 4, lines 1-8; Transforming non-secure URLs (i.e. 
HTTP) into secure URLs (i.e. HTTPs)]. 

Claims 10, 12, and 14-15 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Subramaniam et al. (US Patent: 6,081,900) in view of Barton et al. (US 2003/0131259 Al) 
further in view of Bazot et al. (US 2004/0073629 Al), and further in view of "Netscape Proxy 
Server Administrator's Guide Version 3.5 for Unix", 1997, as provided by applicant herein after 
Netscape_unix_v3.5. 

As per claim 10: 

The combination of Subramaniam, Barton, and Bazot, teaches the subject matter as 
described above. 

Subramaniam further discloses a method permitting the insecure transactions to proceed 
in the modified fashion by changing the reference links from Hypertext Transfer Protocol 
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(HTTP) insecure links to HTTP over Secure Sockets Layer (HTTPS) [Subramaniam : Col. 3, 
lines 66-67; Col. 4, lines 1-8; Transforming non-secure URLs (i.e. HTTP) into secure URLs 
(i.e. HTTPs)]. 

Subramaniam, Barton, and Bazot do not disclose to suppress security warning messages. 

However, Netscape_unix_v3.5 discloses to suppress security warning messages 
[Netscape_unix_v3.5: Chapter 10, pages 1-3; A proxy server can be configured a custom 
message, which sends to an external client. A customized text message can be an empty 
text]. 

Thus, it would have been obvious to one person of ordinary skill in the art at the time the 
invention was made to combine the method of Subramaniam, Barton, and Bazot by including the 
teaching of Netscape_unix_v3.5 because it would improve warning techniques for managing 
secure warning communications by triggering appropriate action such as sending of a warning 
webpage to client or an issue of an alert message to a network administrator [Barton: par. 
[0033]]. 

As per claim 12: 

The combination of Subramaniam, Barton, and Bazot, teaches the subject matter as described 
above. 

Subramaniam discloses a method permitting insecure transactions to proceed unmodified 
[Subramaniam: Col. 2, lines 36-41], 
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Subramaniam, Barton, and Bazot do not explicitly disclose permitting normally occurring 
security warnings to be presented to the client before satisfying the external client access attempt 
to reference the external site. 

However, Netscape_unix_v3.5 discloses permitting normally occurring security warnings 
to be presented to external the client before satisfying the external client access attempt to 
reference the external site [Netscape_unix_v3.5 : Chapter 10, pages 1-3; Chapter 13, page 1; 
A proxy server can be configured a custom message, which sends to an external client. A 
customized text message can be security warning messages]. 

Thus, it would have been obvious to one person of ordinary skill in the art at the time the 
invention was made to combine the method of Subramaniam, Barton, and Bazot by including the 
teaching of Netscape_unix_v3.5 because it would improve warning techniques for managing 
secure warning communications by triggering appropriate action such as sending of a warning 
webpage to client or an issue of an alert message to a network administrator [Barton: par. 
[0033]]. 

As per claim 14: 

The combination of Subramaniam, Barton, and Bazot teaches the subject matter as 
described above. 

Subramaniam, Barton, and Bazot do not explicitly disclose method, wherein the making a 
determination further includes denying the insecure transactions after determining that the 
external client access attempt is corrupted and notifying the external client of a denial. 
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However, Netscape_unix_v3.5 discloses a method wherein the making a determination 
further includes denying the insecure transactions after determining that the external client access 
attempt is corrupted and notifying the external client of a denial [Netscape_unix_v3.5: Chapter 
13, page 1; A proxy will issue a fatal error (i.e. catastrophe) if an outside agent causes cache 
files to become corrupt]. 

Thus, it would have been obvious to one person of ordinary skill in the art at the time the 
invention was made to combine the method of Subramaniam, Barton, and Bazot by including the 
teaching of Netscape_unix_v3.5 because it would improve warning techniques for managing 
secure warning communications by triggering appropriate action such as sending of a warning 
webpage to client or an issue of an alert message to a network administrator [Barton: par. 
[0033]]. 

As per claim 15: 

The combination of Subramaniam, Barton, and Bazot teaches the subject matter 
as described above. 

Subramaniam, Barton, and Bazot do not explicitly disclose the method of claim 8 
wherein the making a determination further includes denying the some of the insecure 
transactions after determining that the external client access attempt is corrupted and logging 
information about the external client access attempt. 

However, Netscape_unix_v3.5 discloses a method wherein the making a determination 
further includes denying the insecure transactions after determining that the external client access 
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attempt is corrupted and logging information about the external client access attempt 
[Netscape_unix_v3.5 : Chapter 13, pages 1-7]. 

Thus, it would have been obvious to one person of ordinary skill in the art at the time the 
invention was made to combine the method of Subramaniam, Barton, and Bazot by including the 
teaching of Netscape_unix_v3.5 because it would improve warning techniques for managing 
secure warning communications by triggering appropriate action such as sending of a warning 
webpage to client or an issue of an alert message to a network administrator [Barton: par. 
[0033]]. 

Conclusion 

The examiner requests, in response to this Office action, support be shown for language 
added to any original claims on amendment and any new claims. That is, indicate support for 
newly added claim language by specifically pointing to page(s) and line number(s) in the 
specification and/or drawing figure(s). This will assist the examiner in prosecuting the 
application. Failure to show support can result in a non-compliant response. 

When responding to this office action, Applicant is advised that if Applicant traverses an 
obviousness rejection under 35 U.S.C. 103, a reasoned statement must be included explaining 
why the Applicant believes the Office has erred substantively as to the factual findings or the 
conclusion of obviousness See 37 CFR 1.11 1(b). 

Additionally Applicant is further advised to clearly point out the patentable novelty which he or 
she thinks the claims present, in view of the state of the art disclosed by the references cited or 
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the objections made. He or she must also show how the amendments avoid such references or 
objections See 37 CFR 1 . 1 1 1(c). 

THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1 .136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the mailing 
date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Canh Le whose telephone number is 571-270-1380. The 
examiner can normally be reached on Monday to Friday 7:30AM to 5:00PM other Friday off. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Orgad Edan can be reached on 571-272-7884. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/Canh Le/ 

Examiner, Art Unit 2439 
May 6, 2010 



/Edan Orgad/ 

Supervisory Patent Examiner, Art Unit 2439 



